If you check the status of your first certificate request, it might say that the request is being held pending administrator approval. This status is common because the default setup for the standalone mode of the Windows certificate authority (CA) is to hold certificates until the administrator has approved their issuance. You use the Microsoft Management Console (MMC) Certification Authority snap-in, which must be run on the CA itself, to check on and approve requests. Here's how to see the pending requests so that you can approve or deny them:
- Launch the Certificate Services snap-in (click Start, Programs, Administrative Tools, Certificate Authority).
- Navigate to your CA in the left pane, then expand its node. You'll see five folders beneath it: Revoked Certificates, Issued Certificates, Pending Requests, Failed Requests, and Policy Settings.
- Click Pending Requests. The right pane lists all the pending requests on the CA. Right-click a request, then select either All Tasks, Issue or All Tasks, Deny, depending on what you want to do. Pay attention to which request you're clicking to ensure that you approve the correct one.
The Certification Authority snap-in can do a lot of other tricks, too, including revoking individual certificates (right-click a certificate in the Issued Certificates folder, then choose All Tasks, Revoke Certificate) and setting issuance policies for the CA. For a more complete reference, see the Windows 2000 online Help.
